OAuth2 Support

JavaMail 1.5.5 and later

Since OAuth2 uses an “access token” instead of a password, you’ll want
to configure JavaMail to use only the XOAUTH2 mechanism. The access
token is passed as the password, which obviously won’t work with any of
the other authentication mechanisms. For example, to access Gmail:

You’ll need to acquire an OAuth2 access token to be used for the
session, e.g., using
these Google tools
and the procedure described
here
to obtain OAuth2 credentials from the
Google Developers Console.
In particular, you’ll need the Client ID and the Client secret from the
Google Developers Console for use with the oauth2.py program to
generate a Refresh Token, from which you can generate an Access Token.
(Note that the OAuth2 access token does not need to be base64
encoded first; the XOAUTH2 provider will do that. Note also that the
Google OAuth2 provider at the link above is not needed, only the
oauth2.py program to generate an access token.)

To connect to Outlook.com using OAuth2, see
this page
and the procedure described
here
for creating a Refresh Token and Access Token.
Get your Client ID and Client secret from the
Microsoft account Developer Center.
The general procedure above should work to connect to
imap-mail.outlook.com, but the access token will need to be acquired as
described on the Outlook.com page.

OAuth2 is also supported with SMTP; change “imap” to “smtp” in the
property names. OAuth2 is not supported for pop3.

JavaMail 1.5.2 and later

The SASL XOAUTH2 provider will be
added to the Java security configuration
when SASL support is first used. The application must have the
permission SecurityPermission("insertProvider.JavaMail-OAuth2").

Since OAuth2 uses an “access token” instead of a password, you’ll want
to configure JavaMail to use only the SASL XOAUTH2 mechanism. The
access token is passed as the password, which obviously won’t work with
any of the other authentication mechanisms. For example, to access
Gmail: